package com.ct.commons.interceptor.permission;

import com.ct.application.sysuser.contants.SysUserContants;
import com.ct.application.sysuser.service.ISystemUserService;
import com.ct.commons.annotation.LoginIgnore;
import com.ct.rbac.enums.RbacResultEnum;
import com.ct.rbac.model.SysApisModel;
import com.ct.redis.util.RedisUtil;
import com.ct.utils.JsonUtil;
import com.ct.utils.exception.ApiException;
import com.ct.utils.threadlocal.UserThreadLocal;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import java.lang.annotation.Annotation;
import java.util.List;

@Component
@Slf4j
public class SecurityInterceptor implements HandlerInterceptor {


    @Resource
    private RedisUtil<String> redisUtil;
    @Autowired
    private ISystemUserService systemUserService;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // 获取当前用户的角色的权限信息
        // ----login放入权限
        if (handler instanceof HandlerMethod) {
            HandlerMethod handlerMethod = (HandlerMethod) handler;
            // 判断是否执行的类增加忽略注解
            LoginIgnore annotation = handlerMethod.getBeanType().getAnnotation(LoginIgnore.class);
            if (annotation != null) {
                return true;
            }
            // 判断类上加了注解
            Annotation methodAnnotation = handlerMethod.getMethodAnnotation(LoginIgnore.class);
            if (methodAnnotation == null) {
                // ----切换角色的时候放入权限
                String permissionList = redisUtil.get(SysUserContants.RBAC_PERMISSION_LIST + UserThreadLocal.get().getId());
                if (StringUtils.isNotEmpty(permissionList)) {
                    List<SysApisModel> apiList = JsonUtil.string2Obj(permissionList, List.class, SysApisModel.class);
                    // 获取当前访问的路径
                    String currentPath = request.getRequestURI();
                    long count = apiList.stream().filter(c -> currentPath.startsWith(c.getPath())).count();
                    if (count == 0) {
                        throw new ApiException(RbacResultEnum.PERMISSION_API_EX);
                    }
                }
            }
        }

        // 请求资源
        return true;
    }



    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }
}
